General
Target: 2d8e9c0aad275c24e69201fd2788453adb477776a0126dd007c8c837aa84ada0.exe
Size: 1.8MB
Sample: 241117-jwbjxavjds
MD5: 4e34f989049727a6e294550c835c5c44
SHA1: 5ecb56727935c4c7bc5bca66a1814e1fcc06bc94
SHA256: 2d8e9c0aad275c24e69201fd2788453adb477776a0126dd007c8c837aa84ada0
SHA512: 36d112888a4fd31760c935dc7b67eba3a768ef1c9f48c47bb2796d5b8e38778749c38a4eb3de37ba8b104138ccfb57c76861cf8186934d73ddfe75ba436546c1
SSDEEP: 49152:KCOQbc/S421ZIEnHQsm3Eji5TAJCi1Cw5R4fxFRJpDyeI7:yu0i1KOHXc35SC2IzvI7
Static task: static1
Behavioral task: behavioral1
Sample: 2d8e9c0aad275c24e69201fd2788453adb477776a0126dd007c8c837aa84ada0.exe
Resource: win7-20240903-en
Malware Config
Targets
Target: 2d8e9c0aad275c24e69201fd2788453adb477776a0126dd007c8c837aa84ada0.exe
Size: 1.8MB
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
- Identifies Wine through registry keys: Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
- Suspicious use of NtSetInformationThreadHideFromDebugger
MITRE ATT&CK Enterprise v15
Defense Evasion
Modify Registry (1)
Subvert Trust Controls (1)
Install Root Certificate (1)
Virtualization/Sandbox Evasion (2)